fix to prevent handshake failure
This commit is contained in:
parent
87e1c957a7
commit
d60356067d
20
index.py
20
index.py
@ -4,12 +4,12 @@
|
||||
# IMPORTATION
|
||||
import cgi
|
||||
import json
|
||||
import urllib.request
|
||||
import ssl
|
||||
import hashlib
|
||||
import dns.query
|
||||
import dns.message
|
||||
import socket
|
||||
import requests
|
||||
|
||||
from cryptography import x509
|
||||
from cryptography.hazmat.backends import default_backend
|
||||
@ -50,11 +50,14 @@ def tlsa_validation(DOMAIN):
|
||||
mtype = str(tlsalist[6])
|
||||
hexdata1 = str(tlsalist[7])
|
||||
|
||||
conn = ssl.create_connection((DOMAIN , 443))
|
||||
context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
|
||||
sock = context.wrap_socket(conn, server_hostname=DOMAIN)
|
||||
cert = ssl.DER_cert_to_PEM_cert(sock.getpeercert(True))
|
||||
cert = cert.encode('ascii')
|
||||
try:
|
||||
conn = ssl.create_connection((DOMAIN , 443))
|
||||
context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
|
||||
sock = context.wrap_socket(conn, server_hostname=DOMAIN)
|
||||
cert = ssl.DER_cert_to_PEM_cert(sock.getpeercert(True))
|
||||
cert = cert.encode('ascii')
|
||||
except:
|
||||
return(False)
|
||||
|
||||
if selector == "0":
|
||||
certdata = cert.as_der()
|
||||
@ -81,7 +84,8 @@ def tlsa_validation(DOMAIN):
|
||||
def headers_validation(DOMAIN):
|
||||
url = "https://" + DOMAIN + "/"
|
||||
try:
|
||||
headers = urllib.request.urlopen(url,timeout=3).info()
|
||||
r = requests.get(url)
|
||||
headers = r.headers
|
||||
except:
|
||||
return("NO HTTPS")
|
||||
|
||||
@ -130,5 +134,3 @@ if "HPKP_TRUE" in headers:
|
||||
|
||||
JSON_RESULT = json.dumps(JSON_DATA)
|
||||
print(JSON_RESULT)
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user